Projects — File Browser
The Projects view is a local file browser built into Pawz. It lets you browse project folders, inspect Git status, and preview text files — all within the app using Tauri’s filesystem APIs.Adding projects
- Open the Projects view
- Click Add Folder
- Select a local directory
- The folder appears in your project list with its directory tree
Operations
| Action | Description |
|---|---|
| Add folder | Browse and add a local directory to your project list |
| Remove folder | Remove a project from the list (does not delete files on disk) |
| Refresh | Re-read the directory tree and update Git status |
File tree
Each project displays an expandable directory tree:- Lazy loading: Subdirectories are only read when you expand them, keeping the UI responsive for large projects
- File icons: Files and folders are visually distinguished
- Click to preview: Clicking a text file opens a read-only preview
File preview
The file viewer provides a read-only text preview of file contents. This is useful for quick inspection without leaving Pawz. :::info File preview is read-only by design. To edit files, use the agent’swrite_file or edit_file tools, or open the file in your preferred editor.
:::
Git integration
For projects that are Git repositories, Pawz displays rich status information:| Field | Description |
|---|---|
| Branch | Current checked-out branch |
| Remote | Configured remote URL |
| Dirty files | Number of uncommitted changes |
| Ahead/Behind | Commits ahead of or behind the remote |
| Last commit | Most recent commit message and hash |
@tauri-apps/plugin-shell and can be refreshed manually with the Refresh button.
:::tip
Use the refresh button after committing or pulling to see updated Git status without restarting the app.
:::
Security
The Projects view enforces strict security boundaries to prevent browsing sensitive system paths.Blocked paths
The following 18 sensitive path patterns are blocked from browsing:| Pattern | Reason |
|---|---|
.ssh | SSH keys and configuration |
.gnupg | GPG keys and keyrings |
.aws | AWS credentials and config |
.kube | Kubernetes configuration |
.docker | Docker credentials |
.gnome-keyring | GNOME keyring directory |
.password-store | Password store directory |
.netrc | Network authentication credentials |
/etc | System configuration |
/root | Root user home |
/var/log | System logs |
/proc | Process information pseudo-filesystem |
/sys | Kernel/device pseudo-filesystem |
/dev | Device filesystem |
C:\Windows | Windows system directory |
C:\Users\*\AppData | AppData directory |
.openclaw | OpenClaw config (contains tokens) |
.config/himalaya | Himalaya email config |
Security event logging
Any attempt to access a blocked path is logged vialogSecurityEvent() with the following details:
- Tool name: The operation attempted
- Command: The path that was blocked
- Risk level: Security classification
- Detail: Human-readable explanation
- Was allowed: Always
falsefor blocked paths